﻿#region

using System.Web.Mvc;

#endregion

namespace VinhSon.Intranet.Models.Security
{
    public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        public string Group { get; set; }

        public string Name { get; set; }

        public string Key { get; set; }

        public string Description { get; set; }

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            bool skipAuthorization = filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
            if (!skipAuthorization)
            {
                if (AppUtil.AuthorizeContext.IsAuthorized(filterContext))
                    base.OnAuthorization(filterContext);
                else
                    base.HandleUnauthorizedRequest(filterContext);
            }
        }
    }
}
